/dev/urandom and /dev/random

To: debian-devel@lists.debian.org
Subject: /dev/urandom and /dev/random
From: Russell Coker <russell@coker.com.au>
Date: Wed, 17 Oct 2001 16:45:09 +0200
Message-id: <[🔎] 20011017175923.F27A83656DE@lyta.coker.com.au>
Reply-to: Russell Coker <russell@coker.com.au>

Currently the permissions settings for these devices are uncertain.

MAKEDEV makes /dev/urandom mode 444 and /dev/random either mode 444 or more 
666.

For devfs I plan to make them both mode 644.  From reading the latest kernel 
source I see that writing to either of them gives the same result (so having 
different write permissions for them makes no sense).  The boot script 
/etc/init.d/urandom from the sysvinit package writes to /dev/urandom so root 
write access makes sense to me (sure root can write to it anyway but I think 
that the permissions should reflect the usage for clarity).

Also I suspect that if a malicious user ran "cat /dev/zero > /dev/random" 
then they could poison the random number pool so I think that mode 644 is the 
correct permissions for both devices.

Let me know if you disagree.  If there's no complaints then I'll file a bug 
against makedev to make it do the same.

-- 
http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/     My home page

Reply to:

Follow-Ups:
- Re: /dev/urandom and /dev/random
  - From: Ethan Benson <erbenson@alaska.net>

Prev by Date: Re: woody is getting worse...
Next by Date: Re: woody is getting worse...
Previous by thread: Bug#115989: general: log rotate script for apache does not work properly when Including Directories
Next by thread: Re: /dev/urandom and /dev/random
Index(es):
- Date
- Thread